Data Theorem, a company that delivers mobile app security to developers, has launched an automated API discovery and security analysis solution. This solution will address API security threats prevalent in enterprise serverless and microservices applications. This solution will allow developers to integrate API discovery and security assessment into their DevOps practices and CI/CD processes to protect any modern application.

Data Theorem has come up with two new products: API Discover and API Inspect. These tools address security concerns such as Shadow APIs, Serverless Applications, and API Gateway cross-check validation by conducting continuous security assessments on API authentication, encryption, source code, and logging.

The new API security solutions support Amazon’s Lambda and API Gateway tools to discover modern APIs and to compute the specification using standards such as Swagger and Open API 3.0.

By these solutions, users will be alerted of important and critical vulnerabilities caused by insufficient security protection. It will also alert users of newly created APIs built upon serverless frameworks and will deliver continuous, automated security analysis of these newly created APIs.

“Data Theorem uniquely addresses threat models related to modern apps, helping us identify issues related to privacy and application-layer attacks and the potential loss of sensitive data,” said Rich Tener, Director of Security for Evernote, a note-taking app. He further adds, “With Data Theorem, we have continuous security testing in place for all of our apps in the app stores. Traditional API security checks are not enough in our environment. The new API discovery and analysis products Data Theorem has delivered are truly differentiated – I haven’t seen anyone else in the industry building automated API security services like this.”